As more and more of the world relies on the internet for their daily lives, hackers and nefarious actors are evolving more sophisticated methods of stealing vital information. Whereas a simple antivirus program may have been enough to protect yourself online in the early 2000s, you really need to be aware of every vector of transmission that can occur. Here are four quick tips for staying secure online as web technologies continue to advance.
1. Apps are not more secure than websites.
With most of the world interacting with the internet through mobile phones that are designed to be more secure than a traditional desktop, you’d think apps are a more secure way to interact with the web. You’d be wrong. There have been several cases where official app makers have accidentally left vulnerabilities inside their app that could lead to account theft.
For example, one security researcher discovered a vulnerability in the PayPal app that would allow the attacker to bypass two-factor authentication, which is an extra security layer that is supposed to make your account safer. Many antivirus programs can not catch and combat techniques like this, so users must be extra vigilant even when you think you’re protected.
2. Legitimate programs can have backdoor exploits.
Security-savvy people often say things like, “well if you wouldn’t download a bunch of junk on your computer, you wouldn’t get problems like viruses.” While that is mostly sound advice, it’s not exactly true that junk programs are responsible for some of the most used exploits that surface.
In fact, one security researcher discovered that a vulnerability could be introduced to systems that have certain games installed that run on game engines. CryEngine 3, Unreal Engine 3, Hydrogen Engine, and id Tech 4 were all found to have a memory corruption and buffer overflow vulnerability. This specific problem would allow attackers to execute arbitrary code or even carry out a DoS-attack against the computer.
3. Machine learning is the future of antivirus protection.
Machine learning is a huge component of next generation antivirus protection, as it can train an artificial intelligence to identify malicious code much easier than our current methods. Currently, security researchers identify new threats and malware just by adding it to a growing database of code. Hackers and malware users can alter their trojans and worms slightly to trip up these databases since they only match exact code.
Machine learning flips this business model on its head by helping an artificial intelligence identify these small shifts in code with similar intent, without requiring human intervention. Security researchers feed their growing database of malware code into the AI to train it to identify malicious code at its base level by comparing it to other code the AI knows is malicious.
4. New malware detection software follows a timeline.
Whereas most antivirus software alerts you to an infection or intrusion so you can take action, modern software is designed to help you follow the attack step-by-step to make sense of how everything happened.
One such service called Falcon Prevent gives users a process tree to follow after a detection, which provides details and context to understand what the hackers were hoping to achieve after the intrusion.
Identifying motives can help white-hat hackers build better penetration-proof network solutions while protecting sensitive data online.